On this page they are given a fake Turing test that tricks them into clicking a "blue button" which is their clickjacked Facebook page positioned at adding a new comment ("Share" button). The whole web page looks like this (clickjacked area is marked green):

The page has a meta-redirect set up to a Youtube movie launching in 12 seconds so a users might get the impression that the movie launched because they successfully passed the Turing test.

Multiple iframes are probably set up to trick clickjacking protections within browsers. A quick look tells that currently Firefox and Chrome are vulnerable to the attack, IE and Opera being safe, although that requires a bit more time to investigate.

Update: The attack does not work in IE and Opera only because of incorrect HTML used in one of the pages in this malicious site. Doing a simple fix in HTML makes both mentioned browsers also vulnerable to the attack.

Thanks go to Grzegorz Ciborowski and Pawel Czernikowski for detecting the attack.

Actually, this time IE behaves correctly. Firefox and Chrome are too forgiving for the invalid HTML syntax used in the document.

If you look closely in the last code snippet in the article the DIV is not closed (first line) so the IFRAME element shouldn't be interpreted at all. FF/Chrome fix it silently and the iframe gets displayed.

But seriously, that is a POOR attempt at confusing people. That would hardly confuse anyone, you can see the other boxes have random letters, and that just HAPPENS to have a proper 5 letter word called "Share", with the exact same background colour as the Facebook share button...

Meh, oh well. But they could've atleast BOTHERED to do SOMETHING to make it look better.Not saying they should've though, otherwise facebook would be even more spread with this. xD

Yeah, it looks silly but nevertheless this particular naive clickjacking attack succeeded back then. Many people clicked the button - of course FB did not publish any statistics, butit was popular among my friends and it was big enough to trigger blogosphere attention.